-policy_module(tesseract, 0.1.1)
+policy_module(tesseract, 0.1.3)
# File context for the executable process
type tesseract_t;
type tesseract_ro_t;
files_type(tesseract_ro_t)
-#type tesseract_tmp_t;
-#files_tmp_file(tesseract_tmp_t)
-
init_daemon_domain(tesseract_t, tesseract_exec_t)
corenet_udp_sendrecv_generic_port(tesseract_t)
corenet_udp_bind_generic_port(tesseract_t)
corenet_udp_bind_generic_node(tesseract_t)
-allow tesseract_t tesseract_ro_t:dir list_dir_perms;
-allow tesseract_t tesseract_ro_t:file read_file_perms;
-#allow tesseract_t tesseract_tmp_t:file manage_file_perms;
-#allow tesseract_t tesseract_tmp_t:dir manage_dir_perms;
-
-#manage_files_pattern(tesseract_t, tesseract_rw_t, tesseract_rw_t)
-#manage_dirs_pattern(tesseract_t, tesseract_rw_t, tesseract_rw_t)
-#setattr_files_pattern(tesseract_t, tesseract_rw_t, tesseract_rw_t)
+read_files_pattern(tesseract_t, tesseract_ro_t, tesseract_ro_t)
sysnet_dns_name_resolve(tesseract_t)
-#files_tmp_filetrans(tesseract_t, tesseract_tmp_t, { file dir})